OpenSSL

require 'openssl'
require 'base64'
require 'digest'

#創建key
 key = OpenSSL::PKey::RSA.new 2048
 open 'private_key.pem','w' do |io| io.write key.to_pem end
 open 'public_key.pem','w' do |io| io.write key.public_key.to_pem end

#導出key
 cipher = OpenSSL::Cipher.new 'AES-128-CBC'
 pass_phrase = 'he is a bad guy'
 key_secure = key.export(cipher,pass_phrase) #導出
 open 'private_secure.pem','w' do |io|
     io.write key_secure
# end

#加載key
 key2 = OpenSSL::PKey::RSA.new(File.read 'private_key.pem')
 p key2.public?

 key3 = OpenSSL::PKey::RSA.new(File.read 'public_key.pem')
 p key3.private?

#加載一個加密的key
 key4_pem = File.read 'private_secure.pem'
 key4 = OpenSSL::PKey::RSA.new(key4_pem,pass_phrase)
 p key4.public?
 p key4.private?

#簽名 爲了驗證簽名，在文檔的哈希值被計算，簽名用公開密鑰解密，然後將結果和被被計算的hash比較，如果相等，簽名奏是有效的
 digest = OpenSSL::Digest::SHA256.new
 signature = key.sign(digest,"document")
 if key.verify(digest,signature,"document")
     puts 'Valid'
 else
     puts 'Invalid'
 end


#加密 解密
 data = "Very, very confidential data"
 cipher = OpenSSL::Cipher.new("AES-256-CBC")
 cipher.encrypt
 key = cipher.random_key
 iv = cipher.random_iv
 encrypted = cipher.update(data)+cipher.final


 deciper = OpenSSL::Cipher.new("AES-256-CBC")
 deciper.decrypt
 deciper.key = key
 deciper.iv = iv
 plain = deciper.update(encrypted) + deciper.final




#隨機字符串
  RandomString = "MoE3PKphuc4bjT7In5JN21DwvGZ8kmlY9VFSA6xLfg0WHaOdeBsqCiz"
  RandomString1 = "psb0jvfygGSezZ9TOAqJIhPckW7dR8DlHQXwxo3t26YnaiULFMB5VEm"
#加密

    str = "123456"
    key = Digest::SHA256.digest(RandomString)
    iv = Digest::MD5.digest(RandomString1)

    aes = OpenSSL::Cipher.new('AES-256-CBC')
    aes.encrypt
    aes.key = key
    aes.iv = iv
    encrypted = Base64.encode64(aes.update(str) + aes.final).strip

#解密
    st = Base64.decode64(encrypted)
    daes = OpenSSL::Cipher.new('AES-256-CBC')
    daes.decrypt
    daes.key = key
    daes.iv = iv
    p daes.update(st) + daes.final